from ascii_colors import ASCIIColors
from fastapi import HTTPException
from pathlib import Path
import re
import pytest
def sanitize_path_from_endpoint(path: str, error_text="A suspected LFI attack detected. The path sent to the server has suspicious elements in it!", exception_text="Invalid path!"):
    if path.strip().startswith("/"):
        raise HTTPException(status_code=400, detail=exception_text)
    # Fix the case of "/" at the beginning on the path
    if path is None:
        return path
    
    # Regular expression to detect patterns like "...." and multiple forward slashes
    suspicious_patterns = re.compile(r'(\.\.+)|(/+/)')
    
    if suspicious_patterns.search(path) or Path(path).is_absolute():
        ASCIIColors.error(error_text)
        raise HTTPException(status_code=400, detail=exception_text)
    
    path = path.lstrip('/')
    return path


def test_sanitize_path_from_endpoint():
    # Test a valid path
    valid_path = "example/path"
    assert sanitize_path_from_endpoint(valid_path) == "example/path"
    
    # Test a path with suspicious elements
    suspicious_path = "/D:/POC/secret.txt"
    
    #suspicious_path = "/images//D:/POC/secret.txt"
    with pytest.raises(HTTPException):
        sanitize_path_from_endpoint(suspicious_path)
    
    # Add more test cases as needed

if __name__ == "__main__":
    test_sanitize_path_from_endpoint()
